Next-Generation Malware on the Way, Warns M86

Security Company M86 Security in its half-yearly report titled "Focuses on Second Half of 2010" cautions IT professionals that they must greatly increase their resources for keeping machines patched since fresh malicious programs are getting ready to arrive.

Expectedly, these malicious programs will include software-targeting malware, which exploits users of social-networking websites.

Moreover, M86's report discloses that exploits which most commonly aim at known security flaws for which patches are already available continue, wherein attackers' consistent preferences are Internet Explorer and Adobe Acrobat/Reader.

Also, attackers keep on targeting patched flaws within applications, which aren't made up-to-date, as the contamination spots during malevolent assaults. This emphasizes what's already known that numerous end-users are yet to make their Web-browsers as well as other intermediary applications up-to-date.

States M86 Security, like before, exploit toolkits are becoming increasingly popular. As per the latest style, an increased number of toolkits are providing customers the desired services, thereby adopting the model of "one-stop shop" in greater measures. Some important examples are the Neosploit, which offers Malware-as-a-Service and the Siberia Exploit Kit, which offers a scanning module. These services are signs that the abilities of exploit toolkits are imbibing a change.

Moreover, the conventional styles of spam attacks through e-mail are fading, but methods of spamming, utilizing Facebook, Twitter, LinkedIn and other social-networking websites, are escalating. Spam campaigns that target LinkedIn bear an authentic appearance, welcoming members for establishing contact with other members, but actually link them up with a web-page that spreads infection through the Phoenix attack toolkit while attempting at manipulating the victimized PCs via different security flaws.

Additionally, ever-since SpyEye Trojan's creator got the Zeus or Zbot Trojan's source code, it's anticipated among security players that 2012 will witness the malware in an even advanced version.

Specialists caution that the strong tendency for cyber-criminals as well as security firms to beat each other continues, as malware writers find fresh methods for evading security mechanisms which try to stop their attacks on consumers and organizations.

Hence, computer-operators are recommended that they must keep their software up-to-date as the most optimum method for keeping them from getting victimized.